POS malware hits Eddie Bauer clothing stores

Last week, clothing store Eddie Bauer announced that its point-of-sale (POS) systems throughout its US and Canadian stores had been plagued with malware over the past seven months.

Their press release didn’t specify how many stores were affected, but they do know the malware was live from January 2 to July 17, 2016.

Cardholder names, payment card numbers, security codes, and expiration dates may have been extracted by the malware, which is thought to be part of a sophisticated attack directed at other restaurants, hotels, and retailers.

Eddie Bauer is a multichannel outdoor sportswear retailer that operates 370 stores across the US and Canada.

Limiting POS malware and complying with the PCI DSS

Any organization that stores, transmits, or processes cardholder data must comply with the PCI DSS.

The Standard requires organizations (merchants) to put stringent measures in place to ensure that sensitive payment card data is kept secure at all times.

Not only does compliance with the PCI DSS help to mitigate the risk of losing sensitive information, it also helps prevent POS malware from attacking systems.

POS malware has affected many restaurants and hotels this year, including: